Problembeschreibung

Will Drewry of the Google Security Team reported several
vulnerabilities in how libvorbis processed audio data. An attacker
could create a carefuly crafted OGG audio file in such a way that it
would cause an application linked to libvorbis to crash or possibly
execute arbitray code when opened (CVE-2008-1419, CVE-2008-1420,
CVE-2008-1423).